Legal claims defining the scope of protection, as filed with the USPTO.
1. An information management system comprising: one or more workstations connected to a computer network, each workstation having a memory; an application stored in said memory of each workstation for transmitting outbound data to said computer network and receiving inbound data from said computer network; policy data, containing rules for identifying in outbound data transaction data that is part of a commercial transaction, and rules for the transmission of transaction data so identified; and an analyzer, said analyzer identifying, in conjunction with said policy data, in at least said outbound data, transaction data associated with part of a transaction, and making a determination in accordance with said rules of said policy data as to whether the transmission of said transaction data would satisfy said rules; and wherein the transmission of said transaction data by said application is dependent on said determination made by said analyzer.
2. The system of claim 1 wherein according to said determination made by said analyzer, said transaction data is either, transmitted, not transmitted, or sent to an approver who determines whether or not to transmit the transaction data.
3. The system of claim 2 further comprising: one or more approvers, for deciding whether the transmission of said transaction data associated with part of a transaction is approved to be made; wherein said analyzer identifies in said transaction data associated with part of a transaction, transaction data that needs approval and refers said transaction data that needs approval to one of said one or more approvers; and the transmission of said transaction data that needs approval being dependent on the decision of said one or more approver.
4. The system of claim 3 wherein said analyzer identifies said transaction data that needs approval by determining the nature of said transaction data and by checking said rules of said policy data, said rules of said policy data defining whether or not approval is needed in dependence on the determined nature of said transaction data.
5. The system of claim 3 wherein said analyzer determines the nature of said transaction data by identifying at least one of the identity of the transmitter of said data, the identity of the intended recipient of said data, the workstation from which said data is to be transmitted, the sum for which a transaction is to be made, and the account against which a transaction is to be made.
6. The system of claim 3 wherein said analyzer determines the nature of said transaction data that needs approval and selects said one of said one or more approvers in dependence on that determination.
7. The system of claim 6 wherein said analyzer determines the nature of said transaction data that needs approval by identifying at least one of the identity of the transmitter of said data, the identity of the intended recipient of said data, the work station from which said data is to be transmitted, the sum for which a transaction is to be made, and the account against which the transaction is to be made.
8. The system of claim 1 wherein said analyzer determines whether a secure link has been negotiated between said application and a remote site on said computer network, and identifies said outbound data or said inbound data as transaction data, if it is transmitted on a secure link.
9. The system of claim 8 wherein said computer network is the Internet, and said rules of said policy data define the addresses of web sites or e-mail accounts that negotiate secure links for the transmission of data but which are known not to be eCommerce sites or accounts, said analyzer disregarding said outbound data transmitted to those web sites or accounts or said inbound data received from those web sites or accounts, such that no approval is required.
10. The system of claim 1 wherein said analyzer identifies transaction data by reference to said rules of said policy data, said rules of said policy data defining the addresses of known eCommerce web sites and e-mail accounts.
11. The system of claim 1 wherein said analyzer identifies credit card numbers in said outbound data or said inbound data, and identifies outbound data or inbound data that contains a credit card number as transaction data.
12. The system of claim 11 wherein said policy data specifies pre-determined credit card numbers that can never be transmitted.
13. The system of claim 1 wherein said analyzer identifies transaction data by reference to said rules of said policy data, said rules of said policy data defining one or more of pre-determined digital certificates, account codes, pre-determined keywords, pre-determined names and addresses and embedded codes.
14. The system of claim 1 wherein said analyzer identifies embedded codes in said inbound data, said embedded codes having been placed in said inbound data to mark said inbound data as transaction data.
15. The system of claim 1 wherein said application operates such that a user of said application can indicate said outbound and said inbound data that is part of a transaction, said analyzer identifying said outbound and said inbound data so indicated.
16. The system of claim 1 wherein said analyzer is located on each of said one or more workstations.
17. The system of claim 1 wherein said application is a web browser.
18. The system of claim 17 wherein said analyzer is a plug-in module of said web browser.
19. The system of claim 18 wherein said web browser is Microsoft's Internet Explorer and said analyzer is a Browser Helper Object.
20. The system of claim 1 wherein said application is an e-mail client.
21. The system of claim 20 wherein said analyzer is a plug-in module of said e-mail client.
22. The system of claim 21 wherein said e-mail client is Microsoft's Outlook e-mail client and said analyzer is a Microsoft Exchange client extension.
23. The system of claim 1 wherein said computer network comprises a server and said analyzer is located at a point on said computer network intermediate to said one or more workstations and said server, or said analyzer is located at said server.
24. The system of claim 1 wherein said computer network to which said one or more workstations are connected is a public computer network, and wherein said one or more workstations together form a private computer network.
25. The system of claim 1 further comprising a supervisor workstation, said policy data being accessible by said supervisor workstation, such that a user of said supervisor workstation can edit said policy data.
26. The system of claim 1 wherein the analyzer is integrated into said application.
27. The system of claim 1 wherein the analyzer is operable to analyze the outbound data as transmission of the outbound data is initiated by the application.
28. The system of claim 1 wherein the policy data is centrally defined for the plurality of workstations.
29. A method for managing information comprising the steps of: providing one or more workstations connected to a computer network, each workstation having a memory; providing an application stored in said memory of each workstation for transmitting outbound data to said computer network and receiving inbound data from said computer network; providing policy data, containing rules for identifying in outbound data transaction data that is part of a commercial transaction, and rules for the transmission of transaction data so identified; and analyzing at least said outbound data to identify, with reference to said rule of said policy data, transaction data associated with part of a transaction; determining, in accordance with said rules of said policy data, whether the transmission of said transaction data would satisfy said rules; controlling transmission of said transaction data by said application in dependence on the determination made in said determining step.
30. The method of claim 29 wherein said controlling step includes said transaction data being either, transmitted, not transmitted, or sent to an approver who determines whether or not to transmit the transaction data.
31. The method of claim 30 further comprising the steps of: identifying in said transaction data associated with part of a transaction, transaction data that needs approval; referring said transaction data that need approval to one or more approvers for approval; monitoring whether or nor approval is received from said one or more approvers; and wherein in said controlling step, the transmission of said transaction data depends on whether or not approval is received from said one or more approvers.
32. The method of claim 31 wherein said analyzing step includes identifying said transaction data that needs approval by determining the nature of said transaction data and checking said rules of said policy data, said rules of said policy data defining whether or not approval is needed in dependence on the determined nature of said transaction data.
33. The method of claim 31 wherein said analyzing step includes determining the nature of said transaction data by identifying at least one of the identity of the transmitter of said data, the identity of the intended recipient of said data, the workstation from which said data is to be transmitted, the sum for which a transaction is to be made, and the account from which a transaction is to be made.
34. The method of claim 31 wherein said analyzing step includes determining the nature of said transaction data that needs approval and selecting said one of said one or more approvers in dependence on that determination.
35. The method of claim 34 wherein said analyzing step includes determining the nature of said transaction data that needs approval by identifying at least one of the identity of the transmitter of said data, the identity of the intended recipient of said data, the work station from which said data is to be transmitted, the sum for which a transaction is to be made, and the account from which the transaction is to be made.
36. The method of claim 29 wherein said analyzing step includes determining whether a secure link has been negotiated between said application and a remote site on said computer network, and identifying said outbound data or said inbound data as transaction data, if it is transmitted on a secure link.
37. The method of claim 36 wherein said computer network is the Internet, and said rules of said policy data define the addresses of web sites or e-mail accounts that negotiate secure links for the transmission of data but which are known not to be eCommerce sites or accounts, and said analyzing step includes disregarding said outbound data transmitted to those web sites or accounts or said inbound data received from those web sites or accounts, such that no approval is required.
38. The method of claim 29 wherein said analyzing step includes identifying transaction data by reference to said rules of said policy data, said rules of said policy data defining the addresses of known eCommerce web sites and e-mail accounts.
39. The method of claim 29 wherein said analyzing step includes identifying credit card numbers in said outbound data or said inbound data, and identifying outbound data or inbound data that contains a credit card number as transaction data.
40. The method of claim 29 wherein said policy data specifies pre-determined credit card numbers that can never be transmitted.
41. The method of claim 29 wherein said analyzing step includes identifying transaction data by reference to said rules of said policy data, said rules of said policy data defining one or more of pre-determined digital certificates, account codes, pre-determined keywords, pre-determined names and addresses and embedded codes.
42. The method of claim 29 wherein said analyzing step includes detecting an embedded code in said inbound data, said embedded code having been placed in said inbound data to mark said inbound data as transaction data.
43. The method of claim 29 further comprising the step of providing a user of said application with a selector to indicate said outbound and said inbound data that is part of a transaction, said analyzing step including identifying selected outbound and inbound data.
44. The method of claim 29 wherein said analyzing step is performed at said one or more workstations.
45. The method of claim 29 wherein said application is a web browser.
46. The method of claim 45 wherein said analyzing step is a plug-in module of said web browser.
47. The method of claim 46 wherein said web browser is Microsoft's Internet Explorer and said plug-in module is a Browser Helper Object.
48. The method of claim 29 wherein said application is an e-mail client.
49. The method of claim 48 wherein said analyzing step is performed by a plug-in module of said e-mail client.
50. The method of claim 49 wherein said e-mail client is Microsoft's Outlook e-mail client and said analyzer is a Microsoft Exchange client extension.
51. The method of claim 29 wherein said computer network comprises a server and said analyzer is located at a point on said computer network intermediate to said one or more workstations and said server, or said analyzer is located at said server.
52. The method of claim 29 wherein said computer network to which said one or more workstations are connected is a public computer network, and wherein said one or more workstations together form a private computer network.
53. The method of claim 29 further comprising the step of providing a supervisor workstation, said policy data being accessible by said supervisor workstation, such that a user of said supervisor workstation can edit said policy data.
54. The method of claim 29 wherein the analyzing and controlling steps are carried out by means of an analyzer integrated into said application.
55. The method of claim 29 wherein the analyzer executes said analyzing and controlling steps as transmission of the outbound data is initiated.
56. The method of claim 29 wherein the policy data is centrally defined for the plurality of workstations.
57. An information management system comprising: one or more workstations connected to a computer network, each workstation having a memory; application means, stored in said memory of each workstation, for transmitting outbound data to said computer network and receiving inbound data from said computer network; policy storing means for storing policy data, containing rules for identifying in outbound data transaction data that is part of a commercial transaction, and rules for the transmission of transaction data so identified; and analyzing means for identifying, in conjunction with said policy data, in at least said outbound data, transaction data associated with part of a transaction, and for determining, in accordance with said rules of said policy data, whether the transmission of said transaction data would satisfy said rules; and wherein the transmission of said transaction data by said application means is dependent on said determination made by said analyzing means.
58. The system of claim 57 wherein according to said determination made by said analyzing means, said transaction data is either, transmitted, not transmitted, or sent to an approver who determines whether or not to transmit the transaction data.
59. The system of claim 58 further comprising: one or more approvers, for deciding whether the transmission of said transaction data associated with part of a transaction is approved to be made; wherein said analyzing means identifies in said transaction data associated with part of a transaction, transaction data that needs approval and refers said transaction data that needs approval to one of said one or more approvers; and the transmission of said transaction data that needs approval being dependent on the decision of said one or more approver.
60. The system of claim 59 wherein said analyzing means identifies said transaction data that needs approval by determining the nature of said transaction data and by checking said rules of said policy data, said rules of said policy data defining whether or not approval is needed in dependence on the determined nature of said transaction data.
61. The system of claim 59 wherein said analyzing means determines the nature of said transaction data by identifying at least one of the identity of the transmitter of said data, the identity of the intended recipient of said data, the workstation from which said data is to be transmitted, the sum for which a transaction is to be made, and the account against which a transaction is to be made.
62. The system of claim 59 wherein said analyzing means determines the nature of said transaction data that needs approval and selects said one of said one or more approvers in dependence on that determination.
63. The system of claim 62 wherein said analyzing means determines the nature of said transaction data that needs approval by identifying at least one of the identity of the transmitter of said data, the identity of the intended recipient of said data, the work station from which said data is to be transmitted, the sum for which a transaction is to be made, and the account against which the transaction is to be made.
64. The system of claim 57 wherein said analyzing means determines whether a secure link has been negotiated between said application and a remote site on said computer network, and identifies said outbound data or said inbound data as transaction data, if it is transmitted on a secure link.
65. The system of claim 64 wherein said computer network is the Internet, and said rules of said policy data define the addresses of web sites or e-mail accounts that negotiate secure links for the transmission of data but which are known not to be eCommerce sites or accounts, said analyzing means disregards said outbound data transmitted to those web sites or accounts or said inbound data received from those web sites or accounts, such that no approval is required.
66. The system of claim 57 wherein said analyzing means identifies transaction data by reference to said rules of said policy data, said rules of said policy data defining the addresses of known eCommerce web sites and e-mail accounts.
67. The system of claim 57 wherein said analyzing means identifies credit card numbers in said outbound data or said inbound data, and identifies outbound data or inbound data that contains a credit card number as transaction data.
68. The system of claim 67 wherein said policy data specifies pre-determined credit card numbers that can never be transmitted.
69. The system of claim 57 wherein said analyzing means identifies transaction data by reference to said rules of said policy data, said rules of said policy data defining one or more of pre-determined digital certificates, account codes, pre-determined keywords, pre-determined names and addresses and embedded codes.
70. The system of claim 57 wherein said analyzing means identifies embedded codes in said inbound data, said embedded codes having been placed in said inbound data to mark said inbound data as transaction data.
71. The system of claim 57 wherein said application operates such that a user of said application can indicate said outbound and said inbound data that is part of a transaction, said analyzing means identifying said outbound and said inbound data so indicated.
72. The system of claim 57 wherein said analyzing means is located on each of said one or more workstations.
73. The system of claim 57 wherein said application means is a web browser.
74. The system of claim 73 wherein said analyzing means is a plug-in module of said web browser.
75. The system of claim 74 wherein said web browser is Microsoft's Internet Explorer and said analyzing means is a Browser Helper Object.
76. The system of claim 57 wherein said application means is an e-mail client.
77. The system of claim 76 wherein said analyzing means is a plug-in module of said e-mail client.
78. The system of claim 77 wherein said e-mail client is Microsoft's Outlook e-mail client and said analyzing means is a Microsoft Exchange client extension.
79. The system of claim 57 wherein said computer network comprises a server and said analyzing means is located at a point on said computer network intermediate to said one or more workstations and said server, or said analyzing means is located at said server.
80. The system of claim 57 wherein said computer network to which said one or more workstations are connected is a public computer network, and wherein said one or more workstations together form a private computer network.
81. The system of claim 57 further comprising a supervisor workstation, said policy data being accessible by said supervisor workstation, such that a user of said supervisor workstation can edit said policy data.
82. The system of claim 57 wherein the analyzing means is integrated into said application means.
83. The system of claim 57 wherein the analyzing means is operable to analyze the outbound data as transmission of the outbound data is initiated by the application means.
84. The system of claim 57 wherein the policy data is centrally defined for the plurality of workstations.
Unknown
March 15, 2011
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.